diff options
| author | Thomas Gleixner <tglx@linutronix.de> | 2019-02-20 09:40:40 +0100 |
|---|---|---|
| committer | Ben Hutchings <ben@decadent.org.uk> | 2019-05-22 23:15:24 +0100 |
| commit | 55d9115831505ed6750a94a902cbc8363f96162a (patch) | |
| tree | de21b85d3b0dfb78f90f0b08d7647b20dd3d05ab /arch/x86/include | |
| parent | 5a9c3df41fd8337f34b5e6eaf4ceb02c79c3055d (diff) | |
x86/speculation/mds: Add mitigation mode VMWERV
commit 22dd8365088b6403630b82423cf906491859b65e upstream.
In virtualized environments it can happen that the host has the microcode
update which utilizes the VERW instruction to clear CPU buffers, but the
hypervisor is not yet updated to expose the X86_FEATURE_MD_CLEAR CPUID bit
to guests.
Introduce an internal mitigation mode VMWERV which enables the invocation
of the CPU buffer clearing even if X86_FEATURE_MD_CLEAR is not set. If the
system has no updated microcode this results in a pointless execution of
the VERW instruction wasting a few CPU cycles. If the microcode is updated,
but not exposed to a guest then the CPU buffers will be cleared.
That said: Virtual Machines Will Eventually Receive Vaccine
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Borislav Petkov <bp@suse.de>
Reviewed-by: Jon Masters <jcm@redhat.com>
Tested-by: Jon Masters <jcm@redhat.com>
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Diffstat (limited to 'arch/x86/include')
| -rw-r--r-- | arch/x86/include/asm/processor.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/arch/x86/include/asm/processor.h b/arch/x86/include/asm/processor.h index bcf19c6e03ec..bca59eb2f290 100644 --- a/arch/x86/include/asm/processor.h +++ b/arch/x86/include/asm/processor.h @@ -957,6 +957,7 @@ void df_debug(struct pt_regs *regs, long error_code); enum mds_mitigations { MDS_MITIGATION_OFF, MDS_MITIGATION_FULL, + MDS_MITIGATION_VMWERV, }; #endif /* _ASM_X86_PROCESSOR_H */ |